Security Update 1, February 27, 2001
Download
|
Read This First
This update resolves two security vulnerabilities in Internet Explorer, and is discussed in Microsoft Security Bulletin MS01-015. Download now to help prevent malicious Web site operators from running programs on your computer or reading your files when you visit their sites.
The two issues this update resolves are:
| • | A vulnerability that could allow an unauthorized user to learn the location of cached content on your computer. This could enable the unauthorized user to launch compiled HTML Help (.chm) files that contain shortcuts to executables, thereby enabling the unauthorized user to run the executables on your computer. |
| • | A new variant of the "Frame Domain Verification" vulnerability, which was originally discussed in Microsoft Security Bulletin MS00-033, could enable a malicious Web site operator to open two browser windows, one in the Web site's domain and the other on your local file system (in your computer), and to pass information from your computer to the Web site. This enables the Web site operator to read, but not change, any file on your computer that can be opened in a browser window. |
For more information about these vulnerabilities, read Microsoft Security Bulletin MS01-015.
